Chapter 39 AAA Server

39.1.2 RADIUS Server

RADIUS (Remote Authentication Dial-In User Service) is a popular protocol for authenticating users against an external server instead of (or in addition to) the device's internal user database, which is limited by the memory capacity of the device. In essence, RADIUS authentication allows you to validate a large number of users from a central location.

Figure 355 RADIUS Server Network Example

39.1.3 ASAS

ASAS (Authenex Strong Authentication System) is a RADIUS server that works with the One-Time Password (OTP) feature. Purchase a ZyWALL OTP package in order to use this feature. The package contains server software and physical OTP tokens (PIN generators). Do the following to use OTP. See the documentation included on the ASAS’ CD for details.

1 Install the ASAS server software on a computer.

2 Create user accounts on the ZyWALL and in the ASAS server.

3 Import each token’s database file (located on the included CD) into the server.

4 Assign users to OTP tokens (on the ASAS server).

5 Configure the ASAS as a RADIUS server in the ZyWALL’s Configuration > Object > AAA Server screens.

6 Give the OTP tokens to (local or remote) users.

39.1.4 What You Can Do in this Chapter

Use the Configuration > Object > AAA Server > Active Directory (or LDAP) screens (Section 39.2 on page 621) to configure Active Directory or LDAP server objects.


ZyWALL USG 50 User’s Guide